Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS0zeDN3LTg0OXEtNDIzds4AA33W
Xnx3 Wangmarket Cross-Site Scripting vulnerability
A vulnerability was found in xnx3 wangmarket 6.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Role Management Page. The manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248246 is the identifier assigned to this vulnerability.
Permalink: https://github.com/advisories/GHSA-3x3w-849q-423vJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS0zeDN3LTg0OXEtNDIzds4AA33W
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 12 months ago
Updated: 12 months ago
CVSS Score: 4.7
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Identifiers: GHSA-3x3w-849q-423v, CVE-2023-6886
References:
- https://nvd.nist.gov/vuln/detail/CVE-2023-6886
- https://github.com/xnx3/wangmarket/issues/8
- https://vuldb.com/?ctiid.248246
- https://vuldb.com/?id.248246
- https://github.com/advisories/GHSA-3x3w-849q-423v
Blast Radius: 1.0
Affected Packages
maven:com.xnx3.wangmarket:wangmarket
Dependent packages: 0Dependent repositories: 0
Downloads:
Affected Version Ranges: <= 6.1.0
No known fixed version
All affected versions: 5.6.12, 5.6.17